PT-2026-32999 · Tokenoftrust · Age Verification & Identity Verification

Teerachai Somprasong

Published

2026-04-15

Updated

2026-04-15

CVE-2026-2834

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Age Verification & Identity Verification by Token of Trust versions prior to 3.32.4

Description The Age Verification & Identity Verification by Token of Trust plugin for WordPress contains a Stored Cross-Site Scripting issue. This occurs due to insufficient input sanitization and output escaping within the description parameter. Unauthenticated attackers can exploit this to inject arbitrary web scripts into pages, which then execute when a user accesses the affected page.

Recommendations Update to a version newer than 3.32.3. As a temporary workaround, restrict or avoid using the description parameter until the update is applied.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2026-2834

Affected Products

Age Verification & Identity Verification

PT-2026-32999 · Tokenoftrust · Age Verification & Identity Verification

CVE-2026-2834

Weakness Enumeration

Related Identifiers

Affected Products

References · 5